﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;

public partial class CreateNewAccount : System.Web.UI.Page
{
    SqlConnection conn;
    SqlCommand cmd;
    string EncPass = string.Empty;
    private Random rndm = new Random();
    protected void Page_Load(object sender, EventArgs e)
    {
        txtUserName.Focus();
        conn = new SqlConnection(System.Web.Configuration.WebConfigurationManager.ConnectionStrings["connstr"].ConnectionString);
        try
        {
            conn.Open();
        }
        catch (SqlException ex)
        {
            ltMsg.Mode = LiteralMode.Transform;
            ltMsg.Text = ex.Message;
        }
        if (!Page.IsPostBack)
        {
            //this.Session["CaptchaImageText"] = GenerateRandomCode();
        }
        else
        {
            if (!txtCaptchaCode.Text.Equals(this.Session[ADSSAnitBot.SESSION_CAPTCHA]))
            {
                ltMsg.Text = "Incorrect Captcha Code. Try again";
                txtCaptchaCode.Text = string.Empty;
                txtCaptchaCode.Focus();
            }
        }
    }
    protected void btnSubmit_Click(object sender, EventArgs e)
    {
        EncPass = SSTCryptographer.Encrypt(txtPassword.Text.Trim(), System.Web.Configuration.WebConfigurationManager.AppSettings["KEY"]);
        cmd = new SqlCommand("Insert into HAT_UserAccounts(UserName, Password, DOB, EMailAddr, SecretQuestion, SecretAnswer, FirstName, LastName, DisplayName) Values(@UserName, @Password, @DOB, @Email, @SecretQuestion, @SecretAnswer, @FName, @LName, @Dname)", conn);
        cmd.Parameters.Add("@UserName", SqlDbType.VarChar).Value = txtUserName.Text;
        cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = EncPass;
        cmd.Parameters.Add("@DOB", SqlDbType.DateTime).Value = txtDOB.Text;
        cmd.Parameters.Add("@EMail", SqlDbType.VarChar).Value = txtEMailAddr.Text;
        cmd.Parameters.Add("@SecretQuestion", SqlDbType.VarChar).Value = txtQuestion.Text;
        cmd.Parameters.Add("@SecretAnswer", SqlDbType.VarChar).Value = txtAnswer.Text;
        cmd.Parameters.Add("@FName", SqlDbType.VarChar).Value = txtFirstName.Text;
        cmd.Parameters.Add("@LName", SqlDbType.VarChar).Value = txtLastName.Text;
        cmd.Parameters.Add("@DName", SqlDbType.VarChar).Value = txtDisplayName.Text;
        try
        {
            Operations.EmailNewAccountCreated(txtDisplayName.Text);
            cmd.ExecuteNonQuery();
            CreateRole();
            Session["NewAccount"] = txtUserName.Text;
            Page.Response.Redirect("~/AccountCreationComplete.aspx", false);
        }
        catch (SqlException ex)
        {
            ltMsg.Text = ex.Message;
        }
    }
    private void CreateRole()
    {
        int UserID = 0;
        cmd = new SqlCommand("select UserID from HAT_UserAccounts where UserName=@Username", conn);
        cmd.Parameters.Add("@Username", SqlDbType.VarChar).Value = txtUserName.Text.Trim();
        SqlDataReader dr;
        try
        {
            dr = cmd.ExecuteReader();
            while (dr.Read())
            {
                UserID = dr.GetInt32(0);
            }
            dr.Close();
        }
        catch (SqlException ex)
        {
            ltMsg.Text = ex.Message;
        }
        cmd = new SqlCommand("Insert Into HAT_UserRoles(UserID, Role) Values(@UserID,@Role)", conn);
        cmd.Parameters.Add("@UserID", SqlDbType.Int).Value = UserID;
        cmd.Parameters.Add("@Role", SqlDbType.VarChar).Value = "Normal";
        try
        {
            cmd.ExecuteNonQuery();
        }
        catch(SqlException ex)
        {
            ltMsg.Text=ex.Message;
        }
    }
}